DEV Community

Discussion on: Closures: The JS Scope Hack

Collapse
boyum profile image
Sindre Bøyum

Using closures this way is a nice touch! It's true that the secret variable inside checkSecret can't be changed, however I would be careful not to add anything too secret this way, as checkSecret.toString() returns

"() => {
  const secret = 'pillow' // gets tossed into the bin! 
  return attempt => {
    return secret === attempt
  }
}"

thus revealing the secret string.

Collapse
bbarbour profile image
Brian Barbour Author • Edited on

👍 Right! Put actual secrets into .env variables.